Is there a way to get Windows Authentication with HttpClient?

Question

The title says it all.  Here's what I'm doing now:

HttpClient client = new HttpClient();
HttpResponseMessage msg = await client.GetAsync("some url goes here");
string response = msg.Content.ReadAsString();

This works fine when the URL points to a public internet site.  When I point it at an internal site on my network (where everything is secured on a Windows network), it just hangs.  I'd expect an exception or something, but nevertheless, I'm sure I need to get Windows auth for the request.  There don't seem to be any options for setting auth for the HttpClient object.

What should I do?

 

Answer 1

- Hangs?  The default timeout for a request is 100 seconds.

- If this were an authentication problem you'd get a 401 error back.  It sounds like you do not have the privateNetworkClientServer capability enabled.  The internetClient capability is enabled by default for new applications.

http://msdn.microsoft.com/en-us/library/windows/apps/br211380#specifying_app_capabilities

 

- You can enable Integrated Windows Authentication (NTLM) on HttpClientHandler as follows:

HttpClientHandler handler = new HttpClientHandler();

handler.UseDefaultCredentials = true;

HttpClient client = new HttpClient(handler);

...

 

There is also a defaultWindowsCredentials capability you'll need to enable that is listed on the link above.

Answer 2

Hmm.  Well, I don't know if hang is right -- it may time out after 100 seconds.  But I meant that the program does not appear to proceed past the await line...

I added the capabilities suggested (privateNetworkClientService, defaultWindowsCredentials and internetClient).  I also added the HttpClientHandler with UseDefaultCredentials.  Unfortunately, the behavior appears the same.

In order to diagnose what might be going on, I put a try/catch around the whole thing and discovered that an HttpRequestException is being thrown.  Its InnerException is a WebException ("Unable to connect to remote server") and that inner exception of that one is a SocketException ("An attempt was made to access a socket in a way forbidden by its access permissions xxx.xxx.xxx.xxx:80"}.

So, this leaves me with two questions: first, why is this otherwise unhandled exception not being reported by my app?  second, why am I getting this error? 

FWIW, I tried pointing the request to a completely different server (but on the same internal corporate network) and get the same response, so I don't think it's related to the server endpoint.  Both of the test URLs I'm trying work fine via a browser.

I'm stumped.

 

 

 

 

Answer 3

- I assume you're running this from your UI thread? (From a button event handler?) I bet the UI is swallowing the exception.

- That SocketException is the error message expected for missing network capabilities.  Also, make sure you're not trying to connect to loopback (localhost, 127.0.0.1, ::1, etc.) as this is blocked for Metro apps.

Answer 4

Doh! My problem was that I thought that I had privateNetworkClientServer  set but I had the wrong things set (since I followed the cues in the VS capabilities UI and didn't correctly map privateNetworkClientServer  to "Home/work networking").  Having edited the manifest directly I saw that privateNetworkClientServer  was missing and added it.  The request now works.  Thanks.

One last thing: should I assume that because the UI is swallowing the exception that I need to build in some kind of handler in my app for unhandled exceptions?  I would have assumed the OS would do something with them -- my app doesn't have any code in it to swallow exceptions that I can see (I certainly didn't put any in).

Answer 5

.NET design guidelines say to always handle 'expected' exceptions for any operation you do.  For HttpClient a HttpRequestException is expected if anything goes wrong in transit.

 

You may also consider some generic Exception handling for debugging purposes.